﻿using System;
using System.Linq;
using System.Web;
using System.Web.Http.Controllers;

using Zongsoft.Security.Membership;

namespace Dxr.Police.Web
{
    public static class AuthenticationUtility
    {
        #region 公共字段
        public static readonly string CredentialKey = "__Zongsoft.Credential__";
        #endregion

        #region 方法
        public static string GetCredentialId()
        {
            var credentialId = string.Empty;

            credentialId = HttpContext.Current.Request.QueryString["UserId"];

            if (string.IsNullOrEmpty(credentialId))
            {
                var cookie = HttpContext.Current.Request.Cookies[CredentialKey];

                if (cookie != null)
                    credentialId = cookie.Value;
            }

            if (!string.IsNullOrEmpty(credentialId))
                SetCredentialCookie(credentialId, TimeSpan.Zero);

            return credentialId;
        }

        public static bool IsAuthenticated(System.Security.Principal.IPrincipal principal)
        {
            return (principal != null && principal.Identity != null && principal.Identity.IsAuthenticated);
        }

        public static void SetCredentialCookie(string credentialId, TimeSpan duration)
        {
            if (string.IsNullOrEmpty(credentialId))
                throw new ArgumentNullException("CredentialId");

            var ticket = new System.Web.HttpCookie(CredentialKey, credentialId);

            if (duration > TimeSpan.Zero)
                ticket.Expires = DateTime.Now + duration;

            HttpContext.Current.Response.Cookies.Set(ticket);
        }
        #endregion

        #region 内部方法
        internal static string GetUserId(string credentialId)
        {
            return credentialId;
        }

        internal static AuthorizationAttribute GetAuthorizationAttribute(HttpActionDescriptor actionDescriptor)
        {
            var attribute = actionDescriptor.GetCustomAttributes<AuthorizationAttribute>(true).FirstOrDefault();

            if (attribute == null)
                attribute = actionDescriptor.ControllerDescriptor.GetCustomAttributes<AuthorizationAttribute>(true).FirstOrDefault();

            return attribute;
        }

        internal static AuthorizationMode GetAuthorizationMode(HttpActionDescriptor actionDescriptor)
        {
            var attribute = GetAuthorizationAttribute(actionDescriptor);

            if (attribute == null)
                return AuthorizationMode.Anonymous;

            return attribute.Mode;
        }

        //internal static AuthorizationAttribute GetAuthorizationAttribute(ActionDescriptor actionDescriptor)
        //{
        //    var attribute = (AuthorizationAttribute)actionDescriptor.GetCustomAttributes(typeof(AuthorizationAttribute), true).FirstOrDefault();

        //    if (attribute == null)
        //    {
        //        attribute = (AuthorizationAttribute)actionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(AuthorizationAttribute), true).FirstOrDefault();
        //    }

        //    return attribute;
        //}

        //internal static AuthorizationMode GetAuthorizationMode(ActionDescriptor actionDescriptor)
        //{
        //    var attribute = GetAuthorizationAttribute(actionDescriptor);

        //    if (attribute == null)
        //        return AuthorizationMode.Anonymous;

        //    return attribute.Mode;
        //}
        #endregion
    }
}
